DEV Community

Discussion on: Closures: The JS Scope Hack

boyum profile image
Sindre Bøyum

Using closures this way is a nice touch! It's true that the secret variable inside checkSecret can't be changed, however I would be careful not to add anything too secret this way, as checkSecret.toString() returns

"() => {
  const secret = 'pillow' // gets tossed into the bin! 
  return attempt => {
    return secret === attempt

thus revealing the secret string.

bbarbour profile image
Brian Barbour Author • Edited on

👍 Right! Put actual secrets into .env variables.